A security vulnerability with the IBM FileNet P8 Content Engine and Content Search Engine has been identified and addressed

Technote (troubleshooting)

Problem(Abstract)

A security vulnerability with the IBM FileNet P8 Content Engine and Content Search Engine has been discovered. An attacker who successfully exploited this vulnerability could gain the same user rights as the user credentials used to install and configure the CSE or the user credentials used to bootstrap the CE. Environments that have followed the documented best practices guidelines and where account privileges are closely managed could experience less impact than environments where user accounts are given administrative or unnecessarily broad permissions.

The Fix Packs are available on Fix Central starting June 28, 2010. Please follow the standard procedure to download the mandatory Fix Packs required for your environment.

Please note that P8CE 4.5.1 Fix Pack 1, Fix Pack 2, P8CSE 4.5.0 Fix Pack 1, and Fix Pack 2 are no longer available at Fix Central as they are no longer supported. Please be aware that P8CE 4.5.1 Fix Pack 4 is required if you are upgrading from P8CE 3.5.x. Please see this Flash Alert for more details: